Samba MODIFY permission needs 'x' permission set in Linux?
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195
Rep:
Samba MODIFY permission needs 'x' permission set in Linux?
I have files which have the permissions: -rw-rw---- 1 jlinkels project_users
When I look in Windows, I am allowed to read and write the file, but not to modify it. In order to make it modifyable I must set it to: -rwxrw---- 1 jlinkels project_users
However, if my colleage which is also member of project_users want to modify the file I have to set it to: -rwxrwx--- 1 jlinkels project_users
What is documented in Samba is that the x bit in -rwxrw---- maps to the archive bit in Windows.
Now it seems that Unix rw- is mapped to Windows Read/Write, but not Modify. Unix rwx is mapped to Full Control, which obviously includes Modify
IMHO this is not logical. If a file in Unix has write permissions you may write, modify and delete it. In Samba the write permission is mapped to Create (Write), but Modify is as much write as you can get, isn't it?
I have only a small problem with the Full Control permissions in Windows when I just want to give Modify permissions. But I don't like to set the 'x' permission in Linux.
Do I really understand this well, and is it inevitable?
If a file in Unix has write permissions you may write, modify and delete it.
This is not quite true. On Unix, access to the contents of the file depend on its permissions* yes, but file creation, renaming, and deletion depends on the permissions of the directory containing the file. The file itself can be read-only, but if the user has write permission on the directory, he can still delete it.
*(Modifying a file also counts as a deletion/creation event, and so requires the modifier to have proper directory permissions, too.)
I'm not sure if this answers your question, as I'm not really familiar with windows permissions, or how samba translates them, but I thought I'd point that out.
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195
Original Poster
Rep:
David: I am astonished, but some simple tests demonstrated that you are right about this. That is to say, I am allowed to delete a file which I do not own in a directory for which I hold rwx permissions. However, although I am able to delete the file, I cannot modify it, not even read it. It doesn't help any with the Samba problem tough.
Camorri: I read that chapter before I posted here. Nowhere is mentioned that a user must hold -rwx------ permissions to edit his own file, or that he must hold -rwxrwx--- permissions to modify a file owned by his group. As a matter of fact, in the various examples it is shown that the Linux file permissions are -rw-rw-r--, while the W2k dialiog shows that the file can be read, written, but the modify checkbox is empty.
It is also explicitly mentioned that the group execute bit doesn't have any meaning (except for indication that a file is "system" in Windows, provided this map option is set to true.
Of course I checked if setting the execute bit in the directory had any effect -- it didn't.
I still don't understand it. It is documented differently, and it doesn't make any sense to give a user read/write permissions, but not modify. Modifying is what happens the most with user files. Neither can I imagine it to be a bug.
It helps to remember the Unix "everything is a file" philosophy. Under this concept, a directory is really just a special kind of file that holds a listing of all the files it "contains". Thus, if you want to add, remove, or rename something in the directory, you need permission to modify the directory "file".
I briefly scanned through the link above yesterday, and the thing that I gathered from it was that the mapping isn't intended to be particularly logical, and indeed can't be due to the differences in the systems, it just has to be able to hold all the possible combinations of permissions from the other file system in a usable manner.
Last edited by David the H.; 11-13-2009 at 06:28 AM.
I think you have to think about where the file is at any one time, and what that system is trying to do with it.
There is no modify bit in linux, or any unix file system I have looked at.
One thing samba has to do is preserve the bits created on a windows system. Since there is no modify bit, it is preserved with the execute bit ( group I think ). Windows has no group or world permissions.
So, windows does what windows does when the file is on a windows system. When moved to a samba server, the bits get translated a bit. That chapter does describe that.
Once that file is on a linux system, then linux rules apply, not windows. So it is the combination of directory permissions and file permissions that control what happens there. That is the way I view it. On linux, since there is no 'modify' bit, write permission by the user is what is required to change a file once created. This is the way I view it. I hope that makes sense.
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,195
Original Poster
Rep:
Quote:
Originally Posted by camorri
On linux, since there is no 'modify' bit, write permission by the user is what is required to change a file once created. This is the way I view it. I hope that makes sense.
Yes, that makes sense. However, setting the write permission on Linux is not what suffices. I have to set the execute bit. And that does not make sense.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.